.activate-button {
  display: inline-block;
  padding: 10px 20px;
  font-size: 14px;
  font-weight: 400;
  color: #ffffff;
  border-radius: 4px;
  text-decoration: none;
  text-align: center;
  transition: all 0.3s ease;
  cursor: pointer;
  background: #113997;
}

.activate-button p {
  margin: 0;
}

.activate-button:hover,
.activate-button:focus {
  background-color: #113997e1; /* A darker shade of WordPress blue for hover */
  color: #ffffff;
  text-decoration: none;
  cursor: pointer;
}

.activate-button:active {
  background-color: #0a3495; /* Even darker for the active state */
  box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
}


This API is used to validate a user session by exchanging the `sessionToken` obtained from the otpless after successful authentication. This server-to-server call requires the `clientId` and `clientSecret`.

Validate User Session

Payload containing the `sessionToken` received from otpless authentication and client credentials for verification.

clientIdHeader & clientSecretHeader

The user's information was successfully retrieved.

OTPLESS

slack

calendar-days

OTPLESS provides a modern approach to authentication and access management, designed for developers who prioritize both security and user experience. Our platform simplifies integration and enhances user interaction, allowing you to transcend traditional authentication with ease.

Introduction

Welcome to OTPLESS

Before you begin integrating OTPLESS into your application, complete the following initial steps to set up your environment.

Prerequisites

Get started with integrating OTPLESS by choosing the right tools for your project. Select from our range of Plugins, SDKs, and APIs to match your development needs.

Quick Start

The OTPLESS API provides a secure, efficient, and seamless way to authenticate users without the need for traditional passwords and OTPs.

Validates user details by exchanging the token obtained from the otplessUser object for the user's information. This server-to-server call requires authentication using the client ID and secret. Also the secureInfo details will only be included when the Secure SDK is integrated as part of the authentication implementation.

Verify token

Activating the Pro Plan on OTPless is a straightforward process. Follow these steps to get started:

Activate Pro Plan

How to Activate Pro Plan

A Redirect URI is a critical component in the authentication process, acting as the endpoint to which users are directed after authentication. In mobile apps, these often take the form of deep links, which bring users back to the app from a web-based authentication flow.

What's Redirect URI?

Webhooks are a powerful mechanism for receiving real-time notifications about events occurring within the OTPLESS system. By integrating webhooks into your application, you can gain valuable insights into user authentication activities and delivery reports, enabling efficient tracking and reporting.

Webhook Guide

Webhooks are a powerful mechanism for receiving real-time notifications about events occurring within the OTPLESS system. By integrating webhooks into your application, you can gain valuable insights into user authentication activities and system health, enabling efficient tracking and reporting.

Webhook Guide (Legacy)

The **OTPLESS AutoRead SDK** simplifies the process of automatically reading OTPs from **SMS, WhatsApp ZeroTap or WhatsApp OneTap**, enhancing the user experience in your Android applications.

OTP Auto Read

Auto Read SDK

Enhance user experience with Auto Read functionality for WhatsApp and SMS on Android Apps, providing a seamless and zero-tap OTP auth.

Auto Read OTP in OTPless Auth SDK

Learn how the id_token can simplify and secure user authentication in your applications.

id_token (JWT)

This documentation outlines the flexible and customizable sign-up and sign-in configurations available in OTPLESS, including passwordless authentication methods, social logins, and multi-factor authentication (MFA) options, designed to enhance security and user experience. It provides detailed guidance on configuring these settings through the OTPLESS dashboard and upcoming features like password-based authentication and resetting MFA.

Authentication configuration

Signup and Signin configuration

Smart Auth is a multi-layered solution that maximizes user conversion rates and ensures robust security using a waterfall model. It transitions seamlessly through various methods to provide a smooth, secure user experience.

Smart Auth

Authentication via Whatsapp utilizes the WhatsApp platform to verify and identify user identity, leveraging it as a means of verification.

Authentication via WhatsApp

Authentication via Whatsapp

Community

Schedule a Call

Home

Frontend SDKs

API Reference

Resources

Sign in

Contact Support

Silent Network Authentication (SNA) leverages the built-in cryptographic capabilities of a user’s SIM card to verify their identity without any manual input beyond initiating the flow. By directly integrating with mobile network operators, SNA provides an authentication experience that’s both secure and frictionless—delivering a win-win for end users and businesses alike.

Silent Network Auth 101

Silent Network Authentication (SNA)

An in-depth look at passkeys, their operation, benefits, and implementation with OTPless.

Passkey 101

Understanding Passkeys and How They Work

This document provides a comprehensive overview of how **OTPless Passkey** integrates with your app/website to offer secure, passwordless biometric authentication for end users. The integration is based on the **FIDO 2.0** framework, leveraging the security and convenience of **passkeys**. The focus is on the technical flow within the **OTPless SDK**, key entities like the **Relying Party (RP)**, **Authenticator**, and **Client**, and how passkeys enable strong authentication. Additionally, it details the backend checks OTPless performs to verify the authenticator's response during both registration and login.

Integration Overview

This document is designed to assist merchants in integrating the OTPless Passkey API to create user identities and initiate Passkey-based login through the OTPless SDK. Passkey provides secure, device-based authentication for end users, enhancing both security and user experience.

Integration with API

OTPless Passkey API Integration Guide

Learn how to enable passkey reuse across multiple domains, subdomains, and applications with Related Origin and Subdomain Requests.

Related Domains and Subdomains

Allow Passkey Reuse Across Your Sites with Related Origin and Subdomain Requests

Learn how to optimize authentication costs for returning users by leveraging OTPless SmartAuth combined with biometric authentication. This approach provides a seamless user experience while significantly reducing authentication costs for merchants.

Relogin Cost Optimization

Cost Optimization for Relogins

Session Management in OTPLESS allows developers to control user session durations, manage inactivity timeouts, validate session tokens, and revoke sessions in real-time for enhanced security and user experience.

Session Management 101

Session Management

Learn how to manage OTPless user sessions effectively using session tokens for secure and seamless authentication.

How to use Sessions

How to use OTPless Session Management

Below are examples of ways to use session management.

Session Management Examples

Integrating Session Management

Integrating Session Management in your application

Learn how to decode and understand the claims in a session JWT token generated by OTPless.

JWT Token Claims

Understanding Claims in Session JWT Token

In a stateless HTTP world, maintaining authentication state between requests is crucial to providing a seamless user experience. While asking users to re-authenticate on every request is not practical, developers have two popular options to maintain authentication state: **Session Cookies** and **JSON Web Tokens (JWTs)**. Both approaches have distinct pros and cons, making it important to evaluate them in the context of your application’s requirements.

Session tokens vs JWTs

OTPLESS Smart Signals provide actionable device intelligence to help fight fraud. This documentation covers the overview, setup, and individual Smart Signal components for both web and mobile platforms.

Secure SDK Signals

Explore the OTPLESS JavaScript SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Leverage our Pre-Built UI for rapid integration and customization of authentication flows in your application. This setup allows you to adjust appearance and functionality through the OTPLESS dashboard with minimal coding.

Pre-Built UI

Utilize our Headless SDK for ultimate flexibility. Craft your own tailored UI and seamlessly integrate OTPLESS authentication capabilities using our SDK.

Headless

Prevent fraud, detect bots, and deliver seamless experiences with reliable browser fingerprinting.

Secure

Harness the power of OTPLESS with your React applications to streamline user authentication. This SDK is designed to integrate seamlessly with React, offering both pre-built components and headless functionality for custom UI implementations.

Harness the power of OTPLESS with your Angular applications to streamline user authentication. This SDK is designed to integrate seamlessly with Angular, offering both pre-built components and headless functionality for custom UI implementations.

Explore the OTPLESS VU SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Explore the OTPLESS Flutter Web SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Explore the OTPLESS Android SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Explore the OTPLESS iOS SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Explore the OTPLESS Flutter SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Explore the OTPLESS React Native SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

Explore the OTPLESS Ionic SDK to seamlessly integrate various authentication methods into your applications. This SDK allows you to leverage pre-built UI components or create your own custom interfaces.

API Documentation

Verify Frontend SDK token

Validate User Session

Authorizations

Body

Response